•   about 10 years ago

Confirmation: OUATH - Mobile

Last time, we were told that the Ouath feature for native apps had not been completed...in that we can not use and consume the the Green Data API endpoints from within an native application. Is this true?


  •   •   about 10 years ago

    Is anybody monitoring this forum from admins? I haven't received any answers few days already.

  • Manager   •   about 10 years ago

    Hi Yuri/@yshteinm, I sent you an email yesterday - hopefully you got it?

    Our technical advisor is travelling at the moment so there is some delay in responding to these questions. We will respond by email and post the answers on the forum.



  •   •   about 10 years ago

    From what I understand the major part of OAuth is callback URI where access token is provided. How it suppose to work on mobile device?

  •   •   about 10 years ago

    This might give you a better understanding.


  • Manager   •   about 10 years ago

    re: the original question:

    To clarify, mobile / direct applications are currently supported by the Ontario Green Button Connect My Data Reference Architecture. As mobile applications cannot expose their own endpoints, asynchronous reads and subscription based updates will not be available to these types of applications. However, synchronous data transfers are fully available. It should also be mentioned that mobile apps will also require co-ordination with a corporate web infrastructure to manage the authorization process, as the OAuth 2.0 authorization workflow currently utilized requires such an infrastructure. Please see the notes in section 4.4 and 7.1.3 of the reference Architecture Document for further details on this point.

  •   •   about 10 years ago

    Further to the above, the Authorized Third Party (ATP) portal in the test can be used as your "portal infrastructure" in the interim. First register your app with the ATP via the Administration menu. Then use the tool to initiate the authorization process for a given Data Custodian customer. Upon successful completion of the authorization process, the returned access and refresh tokens are displayed in the ATP user interface. You can use these tokens in your mobile application for testing and demonstration purposes.

Comments are closed.